Which of the following files DOES NOT use Object Linking and Embedding (OLE) technology to embed and link to other objects?
A. MS-office Word OneNote
B. MS-office Word PowerPoint
C. Portable Document Format
D. MS-office Word Document
Correct answer: C
Question 2:
Which of the following protocols allows non-ASCII files, such as video, graphics, and audio, to be sent through email messages?
A. UUCODE
B. UT-16
C. BINHEX
D. MIME
Correct answer: D
Question 3:
An investigator has found certain details after analysis of a mobile device. What can reveal the manufacturer information?
A. International mobile subscriber identity (IMSI)
B. Electronic Serial Number (ESN)
C. Integrated circuit card identifier (ICCID)
D. Equipment Identity Register (EIR)
Correct answer: B
Question 4:
In a virtual test environment, Michael is testing the strength and security of BGP using multiple routers to mimic the backbone of the Internet. This project will help him write his doctoral thesis on "bringing down the Internet". Without sniffing the traffic between the routers, Michael sends millions of RESET packets to the routers in an attempt to shut one or all of them down. After a few hours, one of the routers finally shuts itself down. What will the other routers communicate between themselves?
A. The change in the routing fabric to bypass the affected router
B. STOP packets to all other routers warning of where the attack originated
C. RESTART packets to the affected router to get it to power back up
D. More RESET packets to the affected router to get it to power back up
Correct answer: A
Question 5:
A honeypot deployed with the IP 172.16.1.108 was compromised by an attacker. Given below is an excerpt from a Snort binary capture of the attack. Decipher the activity carried out by the attacker by studying the log. Please note that you are required to infer only what is explicit in the excerpt.
(Note: The student is being tested on concepts learnt during passive OS fingerprinting, basic TCP/IP connection concepts and the ability to read packet signatures from a sniff dump.)
03/15-20:21:24.107053 211.185.125.124:3500 -> 172.16.1.108:111
TCP TTL:43 TOS:0x0 ID:29726 IpLen:20 DgmLen:52 DF
***A**** Seq: 0x9B6338C5 Ack: 0x5820ADD0 Win: 0x7D78 TcpLen: 32
TCP Options (3) => NOP NOP TS: 23678634 2878772
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=
03/15-20:21:24.452051 211.185.125.124:789 -> 172.16.1.103:111
UDP TTL:43 TOS:0x0 ID:29733 IpLen:20 DgmLen:84
Len: 64
01 0A 8A 0A 00 00 00 00 00 00 00 02 00 01 86 A0 ................
00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 01 86 B8 00 00 00 01 ................
00 00 00 11 00 00 00 00 ........
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=
03/15-20:21:24.730436 211.185.125.124:790 -> 172.16.1.103:32773
UDP TTL:43 TOS:0x0 ID:29781 IpLen:20 DgmLen:1104
Len: 1084
47 F7 9F 63 00 00 00 00 00 00 00 02 00 01 86 B8
A. The attacker has scanned and exploited the system using Buffer Overflow
B. The attacker has used a Trojan on port 32773
C. The attacker has conducted a network sweep on port 111
D. The attacker has installed a backdoor
Correct answer: C
Question 6:
A call detail record (CDR) provides metadata about calls made over a phone service. Which one of the following data fields is not contained in a CDR?
A. The language of the call
B. Phone number receiving the call
C. The call duration
D. A unique sequence number identifying the record
Correct answer: A
Question 7:
Which program uses different techniques to conceal a malware's code, thereby making it difficult for security mechanisms to detect or remove it?
A. Dropper
B. Obfuscator
C. Injector
D. Packer
Correct answer: B
Question 8:
What will the following command accomplish in Linux?
fdisk /dev/hda
A. Partition the hard drive
B. Delete all files under the /dev/hda folder
C. Fill the disk with zeros
D. Format the hard drive
Correct answer: A
Question 9:
Jacob, a cybercrime investigator, joined a forensics team to participate in a criminal case involving digital evidence. After the investigator collected all the evidence and presented it to the court, the judge dropped the case and the defense attorney pressed charges against Jacob and the rest of the forensics team for unlawful search and seizure. What forensics privacy issue was not addressed prior to collecting the evidence?
A. Compliance with the Fourth Amendment of the U.S. Constitution
B. Compliance with the Third Amendment of the U.S. Constitution
C. None of these
D. Compliance with the Second Amendment of the U.S. Constitution
Correct answer: A
松岛** -
It also supports practicing past questions using today's apps.
I thought this was a truly comprehensive 312-49v10 book.